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METHOD IN A MOBILE TELECOMMUNICATION NETWORK FOR 
OBTAINING LOCATION AND TIME INFORMATION ABOUT USERS 

5 TECHNICAL FIELD 

The invention is concerned with a method in a nrtobile telecommunication network 
for obtaining location and time information about users as they \nsit various 
locations. 

10 

BACKGROUND ART 

in mobile telecommunication systems it is possible to determine with relative 
accuracy a geographic location of a mobile station. Such exact location 
IS information can be used for numerous purposes such as to provide directions to 
a user who is lost, or trying to avoid road congestion, for obtaining infomnation 
about a location or object close to the mobile station, etc. 

Several techniques are icnown for obtaining a general location of a mobile station. 

20 For example the general location may be determined using Location Service 
Area (LSA) identification techniques employed in known SolSA techniques. A 
very common technique is the Global Positioning System (GPS) generating 
location information from a mobile device. GPS is performed by means of a 
constellation of earth orbiting satellites that transmit standard signals that can be 

25 used for establishing the location of a user equipped with a GPS receiver. 
According to the GSM Specification 3GPP TS 11.14. V8.7.0 (20021-06) of the 
SIM application toolkit for ttie Subsciber Identity Module - Mobile Equipment 
(SIM ME) interfece developed wltiiin ttie 3"* Generation Parbiership Project, local 
infonnation is provided to the SIM including among others the mobile country 

30 code (MCC), the mobile network code (MNC) and the location area code (LAC). 
These codes and the cell ID are coded as in TS 04.08 [8]. (Paragraphs 10.5.1.1 



2 

and 10.5.1 .3. in GSM 04.08. The location area identification is sent to the mobile 
station. 

WO 01/49056 presents a precise location of a mobile station through Interaction 
5 with a mobile communication network and a global computer network. This is 
accomplished by inputting to a subject mobile station, a digital image of a 
geographic location sunrounding the subject mobile station or an object proximate 
the mobile station and transmitting the digital image to a mobile communication 
network, such as General Packet Radio service (GPRS) or a Global System for 
10 Mobile Communication (GSM). A general tocation Identifier is obtained for the 
mobile station, which identifier is compared with Information based on the digital 
image to detenntne the geographic tocation of the mobile station. 

US patent 6,154,727 relates to a system and method for tracking clients as they 
IS visit the locations of various recipients. The clients communicate with a computer 
that uses biometric parameters during the communication to identify the client. A 
method for tracking the clients making a cellular phone call is also disclosed, in 
which the geographic location of the phone call is identified. 



20 DEI 9940649 uses a combination of a personal electronic signature, password or 
biometric characteristics as a digital signature and a GPS signal for location and 
time detemiination, which combination is sent along with a data file. 



Also in US-patent 5,923,763. a GPS signal is used for location and time 

: 25 determination. Location signals are incorpororated into the timestamp to certify 

: both the time and the geographical location at which the document was 

• timestamped- 

• • • 

*: In timestamping the goal migm be digital data certification as well as time 

'[''\ 30 certification of a document Boimpies include camera data recorders to 

*!!!- timesteimp pictures, dateAtime recorders and computer doclcs to timestamp file 



creation. Timestamping can also be used to conduct certain analysis of network 
traffic, so that a timestamp is associated with each data packet, the time stamp 
having a value representing the time at which the packet is placed onto the 
network. The timestamping device might sign the time with a device specific 
5 private key to provide authenticity in addition to integrity. Even greater assurance 
can be provided by adding IDs, digital certificates, asymmetric or symmetric 
encryption, or other cryptographic techniques. US patent 5.923.763 presents a 
solution which combines these metiiods and Includes also GPS localization 
signals in the time stamp. 

US patent 6.307.950 presents a method and system for emb^ding signatures 
wittiin visual images in digital representation or film. A pattern of signature points 
selected from the pixels of an original image are used as signature in this 
solution. 

15 

Digital signatures and assymetric encyption is most commonly performed by 
means of Public Key Infrastructure (PKI). PKI is a system ttiat can be used to 
authenticate users, sign infonmation or encrypt infomnation. In a PKI system, two 
conesponding (also called asymmetric) keys, i.e. a public key and a private key. 

20 are used In connection with protecting information. Information, which Is 
encrypted with one of flie two keys, can be decrypted only with the other key. 
One important feature of PKI systems is that it is computationally unfeasible to 
use knowledge of one of the keys to deduce the other key. In a typical PKI 
system, each of the systems possesses a set of two such keys. One of the keys 

25 is maintained private while the other is freely published. 

A PKI distributes one or several public keys and determines whether a certain 
public key can be trusted for certain usage or not. An important concept in 
infrastructures built on public key cryptography is that of tiie Certification 
30 Authority (CA). The weakness In a public key system is that, even ttiough it is 
desirable that the public keys for ail users are easily available. It is also required 
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to assert that it is truly Icnown that a particular public key really Ijelongs to the 
user that one is communicating with. Thus CA is used for getting a digital 
certificate. It uses its good name to guarantee the conectness of a public key by 
signing the key, the signed key being called a digital certifieate. 

5 

vyfireless Application Protocol (WAP) defines an industry-wide spedficatton for 
developing applications that operate over wireless communication n^oiks 
including a set of protocols In transpoit. sesston and application layers. The 
WMLScript Crypto Library part of WAP provkies cryptographic functionality for a 
10 WAP client The browser has a WMLScript fonction. CryptcsignText, defined in 
said library document for associating a d^itai signature with generated data and 
uses special signature keys distinct from authentication keys for the signature 
computation. 

15 The signature process is performed with an algorihtm on a hash of the plain text 
to be signed. The hash is e.g. obtained by means of a standard hash fonction. 
such as MD-5 or SHA-1. The main function of the signature algorithm includes 
encryption of the hash with a private key. In addition, the algorithm has further 
features such as adding attributes to the message. One example of an attribute is 

20 the nounce, which is an arbitrary number, so that the private key would be 
different each time it is used. An other attribute is a time attribute added to the 
message for avoiding reply attacks. 

A special fomiat for transmission of signed content to and from WAP devices is 
25 defined. In that fomiat hash values of authenticated attributes are computed 
using a PKCS#7 template (an example of a structure for an encrypted message) 
to provide end-to-end authenUcalton between WAP clients and devices 
supporting the PKCSm standard for signed data representation. In tills fonnats, 
replay attacks are avoided by adding a time attribute by means of a counter. 

30 

THE OBJECT OF THE INVENTION 
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The object of the invention is a method to prove ttie location of a mobiie user at a 
given time In a new and practical way. 

5 

SUMMARY OF THE INVENTION 

In the method of the invention for otttiiining location and time information at>out 
users, a digital content is first created, which is stored In a user temilnai. Location 
10 data Is then retrieved from the user temnlnai. Bther or tioth of the location data 
and the digital content is digitally signed in the user terminal. Said signed content 
and location date Is combined and the combination Is timestamped. 

The advantageous embodiments of the invention are presented in the subclaims. 

15 

Whereas timestamping is a known method in itself for verifying the time for 
sending a given file, the method of the invention provides "spacestamping", since 
It is in first hand the location that is to be verified even if verification of the time 
also Is important. 

20 

The inv^tion is in the first hand meant to be used by mobile termlraii users. 

Spacestamping, used to prove that a person has visited a given location at a 
given time, is based on tal<ing location-based information from the subscriber 
•i 25 identity IVIodule (SIM) of a mobiie terminal, assembling It together with binary 
data, such as a picture of the pereon, having this information being digitally 
:•: : signed through the mobile tenninal, and having this digital signature being 

property time-stamped. Thus the Spacestamp of the invention is a combined 
package containing a digital content (e.g, an image), location t>ased infomfiation« 
* 30 the user's digital signature and a time-stamp. 
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Spacestamping gives the possibility to link a user with a location and provide 
means of assuring a third party that the user, having spaoestamped information, 
was at a given location at a given moment of time. 

5 

The actual implementation of the invention, based on a combination of location- 
based infomiatton from the SIM, digital signahjres, time-stamping and preferably 
an image can be done in several ways, some of which are more advantageous 
than ofiiers. 

10 

Two embodiments of the invention are presented below, one stronger and one 
weaker implementation. 

In the most advantageous embodiment the digital content is a picture and it is 
15 taken by a camera, which is directly linked to the mobile temiinal of the user. The 
mobile temiinai then digitally signs the digital content. In other embodiments the 
digital content might e.g. be a text file or a voice message. Preferably, the user 
needs to enter a correct PIN in order to have access to the private key, 
necessary for the signature In the signature process. Location data is retrieved 
20 from the mobile terminal and added as a signed attribute. 

The signed content is then distributed to an "authorized" trusted third party for a 
time-stamp. The "authorized'' third party, which can be the woricstation itself or an 

» external time stamp server, creates a time-stamp and thus completes the 

: 25 spacestamp. 

» • * 

\y: As the location infomnation is a relative point presented in the fomi of codes as 

*:-: standardized information inside a mobile operators network it need to be 

translated if it is desired to have an understandable geographical position. This 
30 shouki preferably teike place before the final time-stamp. The translation of a cell 
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position into a geographical position can also be digitally signed, it should then 
be combined with the other parts into the final spaoestamp. 

In another ernbodiment the digital content, created by e.g. a digital camera is 
5 downloaded Into e.g. a woricstation and thereafter sent to the user tenninal. 

The location information is retrieved from the mobile temiinal OTA (Over The Air) 
through an application residing in the workstation. The location data is converted 
into understandable geographical infonnation. such as coordinates, and then 
1 0 combined with the digital content. 

The digital content Is sent to the mobile temiinal for the user to be digitally 
signed. The user enters the conrect PIN in order to have access to the private 
key, necessary for the signature. 

15 

The signed content is distributed back to the workstation and it is time-stamped. 
The time-stamp is handled by the workstation or distributed to, and handled by, 
an "authorized" trusted third party. The time-stamp completes the spacestamp. 

20 The location Information retrieved within the SIM is a relative point inside a 
mobile operators network. A proper timestamp should preferably include a fixed 
geographical position (at least a position within a reasonable accurate area) and 
not just a relative location within some operators network. Thus, it needs to be 
translated and the operator in use cun^ntly owns this translation table. This 

25 translation table can be made open to the public. 

There are several possible uses for the invention. It Is useful to have a method, 
which can be us^ to prove that you e.g. has been present at a given event, in 
which fime and space location together with a digital signature includes all what 
30 is needed. With the method of the invention, a night-guard can for example 
spaoestamp ail location in a nightly round. Furthermore, like people collecting 
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first-day-lssues of stamps, people might In the future collect spacestamps from 
different cities, from first/last or other events etc. 

In the following the mventton will be descritiecl by means of some figures and 
detailed examples, which are for lllustrattve purposes only and not meant to 
restrict the invention in anyway, which is defined by the patent claims. 



BRIEF DESCRIPTION OF DRAWING 

10 

Figure 1 presents an example of a network wherein the invention can be applied 
and a firet emtMxilment 

Figure 2 presents a detailed example of another embodiment of the invention in 
IS the from of a signaling sequence diagram 

DETAILED DESCRIPTION 

20 Figure 1 presents an example of a networit wherein the invention can be applied. 
It is assumed that a user having a mobile station MS is visiting an event, such as 
a sports event. The event has a PC with which the mobile station MS can 
communicate. The MS is in turn in network contact with a server communicating 
with a telecom operator. The mobile station also communicates with another 

25 mobile station MS2 or PC. 

The event offers certain services to mobile users visiting the event by means of 
the PC. The PC might e.g. have pictures or other files stored, which the users 
wish to send to other tennlnals together with an appropriate space stamp as a 
30 greeting message or to prove that they really visited the event There might also 
be a digital camera in connection with the PC, with which a pichire can be taken 



of the user. This is performed by havlrjg the user positioned in front of the PC, 
which taices the picture by means of a digital camera llnlced to the PC. The 
picture is then stored as a file in the PC. 

5 A mobile user can get access to the services offered by the PC by e.g. entering 
the phone number and sending It from the mobile station to the PC as a request 
for the service (Stepi). 

After that the mobile user have entered the phone number and got access to the 
10 service, a picture stored In the PC or taken of the user is sent to the mobile 
station of the user (Step 2). 

The user now wants to have a digital signature and a time stamp to the file or a 
representation of the file is sent from the PC in step 2. The representation of the 
15 file can e.g. be in the form of a hash of the file or other compressed form. A 
pichire can e.g. be represented as in US patent 6.307.950 by a pattern of a 
sufficient number of points. The file or the representation of the file is sent e.g. to 
a time stamp server for time stamping in step 3 

20 in step 3. the mobile station also sends location data retrieved from the SIM 
(Subscriber Identity Module) card to the server TS. As the location data is 
presented as the mobile country code (MCC), the mobile network code (MNC). 
the location area code (iJVC) and cell ID coded as in TS 04.08 [8] mentioned 
earlier, the mobile station needs to have these location data converted to 

25 understandable geographical coordinates for the space stamp. The time stamp 
server TS fetches these geographical coordinates from ttie operator In steps 4,5 
and send them together with the time stamped file or time stamped 
representation of the file back to the mobile station in step 6. 



30 in an alternative embodiment the mobile station might Itself fetch 
geographical coordinates from the operator. 
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The mobile station tlien signs the time stamped file and sends it to the receiver in 
step 7. The format of the signed content differs from the one describe in the 
prior art section for transmission to and from WAP devices in that a location data 
attribute is added to the structure. 

Figure 2 presente a detailed example of an other embodiment of the invention in 
the from of a ^gnaling sequence diagram. 



The network wherein this embodiment is implemented contains the same entitles 
10 as in that of figure 1. 

A mobile user requests for a service from a PC that is equipped with a digital 
camera in step 1. The service can consist of a picture or text file to be 
downloaded, or a service consisting of taldng a digital picture of the user. The P 
15 notes the telephone number of the user and sends the requested file to the 
mobile station in step 3. Alternatively, a picture is tal<en of the user by the digital 
camera linked to the PC in step 2 before step 3 is performed. 

In step 4, the mobile station signs the file. i.e. the picture or the text file, 
20 Retrieving of location data from the SIM of the mobile station is Involved in the 
signing algorithm. These location data is used In the Invention, possible together 
wit a picture taken with a digital camera as a space stemp to prove for the 
receiver that the user actually visited the event. The location data is presented as 
digital data not understendable. why the mobile uses needs to convert the 
• j!= 25 location data to understandable geographical coordinates. For this purpose, a 
I request for conversation date Is sent in step 5 to the time stemp sen/er also 

\0 woricing as a server for other functions. The time tamp server TS fetch said 

' geographical coordinates conresponding to the retrieved location date In steps 6, 

• 7 from the operator and thereafter time stamps the signed message together with 

30 said geographical coortlinates In step 8 and sends the time stamped package 
- . • back to the mobile user in step 9. The mobile user can now send a time stemped 



message to the receiver in step 10 to prove tiiat he actually has visited the given 
event The message includes a picture of the viated event possible together with 
a picture of the user, location data in an understendable fomn, the digital 
signature of flie user and a time stamp of the whole padcage. 



m 
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CLAIMS 

1. Method in a mobile telecommunication network fbr obtaining location and 
time infomiatlon about users, the telecommunication network comprising 
5 one or more user tenminals, a service enttty. a time-stamp server and an 

operator, the method comprising the following steps 

a) creating a digital content, 

b) storing said content in a user tenninal, 

c) retrieving location data from the user terminal, 

10 d) digitally signing the content of c) In said user terminal, and before or 

after step d), 

e) time-stamping the content of the foregoing steps. 



2. Method of claim 1, characterized in that the digital signing is 
15 performed after step c), whereafter the combination of signed content and 

location data is time-stamped. 

3. Method of claim 1 or 2. characterized in that the digital content is 
created in step a) is a text file or a voice message. 

20 

4. Method of claim 1 or 2, characterized in that, the digital content is 
created in step a) by taking a picture with a digital camera. 

5. Method of daim 4, c h a r a c t e r i z e d in that the digital camera is 
linked with the mobile device, which gets the picture directly. 

6. Method of claim 4, c h a r a c t e r i z e d in that the digital camera is a 
separate network element, whereby the picture taken by the digitel camera 
is downloaded to a workstation and thereafter sent to the mobile station. 




30 
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7. Method of any of daims 1-6. characterized in that the digital 
signature ia performed in step c) with the user's private icey stored in the 
user terminal. 

5 8. MethodofdaimT.characterized In that a PIN code is entered by 
the user to access the prh/ate key. 

9. Methodofanyofclaimsl -8,characterized In that location data is 
retrieved from the user temiinal during the signature process as an 

10 attribute, which is separately sighed. 

10. Method of any of claims 1-9, characterized in that before signing 
the location data, it is translated to understandable geographical data such 
as coordinates. 

15 

11. Method of any of claims 1-10, characterized in that the signed 
combination is distributed to a trusted third party for timestamping. 

12. Method of any of claims 1-10, characterized in that the signed 
20 combination is distributed to the wort(station for timestamping. 

1 3. Metiiod of any of daims 1-12,characterized in that in step d) the 
location data is retrieved from the user temrtinai over the air through an 
application residing in the worietafion. 

25 



30 




ABSTRACT 

S The present invention relates to a method in a mobile telecommunication 

network for obtaining location and time information about users, the 
telecommunication network comprising one or more user terminals, a 
service entity, a time-stamp server and an operator, the method 
comprising the following steps a) creating a digital content, b) storing said 

10 content in a user terminal, c) retrieving location data from the user 

terminal, d) digitally signing the content of c) in said user tenninal, and 
before or after step d), e) time-stamping the content of the foregoing steps. 
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